Sunday, December 17, 2006

Introduction to How Spyware Works

Has your computer ever become so slow that you can fix yourself a snack in the time it takes your word processor to open? Spyware may be to blame.
Spyware has been known to masquerade as a prize-notification pop-up window.

Spyware is a category of computer programs that attach themselves to your operating system in nefarious ways. They can suck the life out of your computer's processing power. They are designed to track your Internet habits, nag you with unwanted sales offers or generate traffic for their host Web site. According to recent estimates, more than two-thirds of all personal computers are infected with some kind of spyware [ref]. But before you chuck your computer out the window and move to a desert island, you might want to read on. In this article we'll explain how spyware gets on your computer, what it does there and how to get rid of it.
Other "Ware"
Malware - a general term for any program that makes changes (does malicious or "bad" things) without your express permission
Adware - programs designed specifically to deliver unrequested advertising
Stealware - specific spyware designed to capture clicks or Web-site referral credits
Browser hijacker - a malicious program that becomes deeply embedded in your browser's code and core functionality.
Some people mistake spyware for a computer virus. A computer virus is a piece of code designed to replicate itself as many times as possible, spreading from one host computer to any other computers connected to it. It usually has a payload that may damage your personal files or even your operating system.
Spyware, on the other hand, is generally not designed to damage your computer. Spyware is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system. Some of the more notorious spyware companies include Gator, Bonzi Buddy, 180 Solutions, DirectRevenue, Cydoor, CoolWebSearch, Xupiter, XXXDial and Euniverse.
Spyware usually gets onto your machine because of something you do, like clicking a button on a pop-up window, installing a software package or agreeing to add functionality to your Web browser. These applications often use trickery to get you to install them, from fake system alert messages to buttons that say "cancel" when they really do the opposite.
Here are some of the general ways in which spyware finds its way into your computer:

Piggybacked software installation - Some applications -- particularly peer-to-peer file-sharing clients -- will install spyware as a part of their standard install. If you don't read the installation list closely, you might not notice that you're getting more than the file-sharing application you want. This is especially true of the "free" versions that are advertised as an alternative to software you have to buy. There's no such thing as a free lunch.

While it officially claims otherwise, Kazaa has been known to include spyware in its download package.
Drive-by download - This is when a Web site or pop-up window automatically tries to download and install spyware on your machine. The only warning you might get would be your browser's standard message telling you the name of the software and asking if it's okay to install it.
Internet Explorer security warning

If your security settings are set low enough, you won't even get the warning.
Browser add-ons - These are pieces of software that add enhancements to your Web browser, like a toolbar, animated pal or additional search box. Sometimes, these really do what they say they do but also include elements of spyware as part of the deal. Or sometimes they are nothing more than thinly veiled spyware themselves. Particularly nasty add-ons are considered browser hijackers -- these embed themselves deeply in your machine and take quite a bit of work to get rid of.


Bonzi Buddy is an "add-on" application that includes spyware in its package.

Masquerading as anti-spyware - This is one of the cruelest tricks in the book. This type of software convinces you that it's a tool to detect and remove spyware.

When you run the tool, it tells you your computer is clean while it installs additional spyware of its own.

Snitches and Sneaks
There are computer programs that truly "spy" on you. There are applications designed to silently sit on your desktop and intercept personal information like usernames and passwords. These programs include Bugdrop, Back Orifice and VX2. These are more like viruses or hacker tools than spyware.

Spyware can do any number of things once it is installed on your computer.
At a minimum, most spyware runs as an application in the background as soon as you start your computer up, hogging RAM and processor power. It can generate endless pop-up ads that make your Web browser so slow it becomes unusable. It can reset your browser's home page to display an ad every time you open it. Some spyware redirects your Web searches, controlling the results you see and making your search engine practically useless. It can also modify the DLLs (dynamic link libraries) your computer uses to connect to the Internet, causing connectivity failures that are hard to diagnose.
Certain types of spyware can modify your Internet settings so that if you connect through a dial-up service, your modem dials out to expensive premium-rate telephone numbers. Like a bad guest, some spyware changes your firewall settings, inviting in more unwanted pieces of software. There are even some forms that are smart enough to know when you try to remove them in the Windows registry and intercept your attempts to do so.
The point of all this from the spyware makers' perspective is not always clear. One reason it's used is to pad advertisers' Web traffic statistics. If they can force your computer to show you tons of pop-up ads and fake search results, they can claim credit for displaying that ad to you over and over again. And each time you click the ad by accident, they can count that as someone expressing interest in the advertised product.
Another use of spyware is to steal affiliate credits. Major shopping sites like Amazon.com and eBay.com offer credit to a Web site that successfully directs traffic to their item pages. Certain spyware applications capture your requests to view sites like Amazon and eBay and then take the credit for sending you there.
Use a pop-up blocker.
Many of the current browsers, including Internet Explorer 6.0 and Mozilla Firefox 1.0, have the ability to block all Web sites from serving you pop-up windows. This function can be configured to be on all of the time or to alert you each time a site wants to pop up a new window. It can also tell you where the pop-up is coming from and selectively allow windows from trusted sources.

Disable ActiveX.
Most browsers have security settings in their preferences which allow you to specify which actions Web sites are allowed to take on your machine. Since many spyware applications take advantage of a Windows component technology called ActiveX, it's not a bad idea to simply disable ActiveX in your browser. Note that if you do this, you will also disallow the legitimate uses of ActiveX, which may interfere with the functionality of some Web sites.

Be suspicious of installing new software.
In general, it pays to be suspicious when a site asks to install something new on your computer. If it's not a plug-in you recognize, like Flash, QuickTime or the latest Java engine, the safest plan of action is to reject the installation of new components unless you have some specific reason to trust them. Today's Web sites are sophisticated enough that the vast majority of functionality happens inside your browser, requiring only a bare minimum of standard plug-ins. Besides, it never hurts to reject the installation first and see if you can get on without it. A trustworthy site will always give you the opportunity to go back and download a needed component later.

Use the "X" to close pop-up windows.
Get to know what your computer's system messages look like so that you can spot a fake. It's usually pretty easy to tell the difference once you get to know the standard look of your system alerts. Stay away from the "No thanks" buttons if you can help it, and instead close the window with the default "X" in the corner of the window's title bar. For an even more reliable option, use the keystroke combination for "close window" built into your software. You can look in your browser's "File" menu to find it.
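As an added defensive example (not from the original article, and not a tool it mentions), the script below audits an exported Windows registry file for three of the symptoms described above: startup entries launched from a Temp folder, a changed Internet Explorer home page, and ActiveX still enabled for the Internet zone. The sample export, its program names, paths and URL are constructed; the registry key paths and the zone action value 1200 are real Windows locations, and the "expected home page" is an assumed parameter.

```python
import re

# Constructed sample of a `reg export HKCU` file: names, paths and URL are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\\Users\\me\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe /background"
"sysupd"="C:\\Users\\me\\AppData\\Local\\Temp\\sysupd.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.example-hijack.invalid/?aff=1234"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1200"=dword:00000000
'''
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
IE_MAIN = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main"
INTERNET_ZONE = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
ACTIVEX_RUN = "1200"  # zone action "Run ActiveX controls and plug-ins": 0 enable, 1 prompt, 3 disable

def parse_reg(text: str) -> dict[str, dict[str, object]]:
    """Parse the .reg subset used above: [key] sections, "name"="string" and "name"=dword:hex."""
    keys: dict[str, dict[str, object]] = {}
    current = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = re.match(r'^"((?:[^"\\]|\\.)*)"=(.*)$', line)
        if not m or current is None:
            continue
        name, raw = m.group(1), m.group(2)
        if raw.startswith("dword:"):
            keys[current][name] = int(raw[6:], 16)
        elif raw.startswith('"') and raw.endswith('"'):
            keys[current][name] = raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
        else:
            keys[current][name] = raw  # hex:/expand values left unparsed
    return keys

def audit(keys: dict[str, dict[str, object]], expected_home: str) -> list[str]:
    """Flag the symptoms the article describes: odd startup entries, a changed home page, ActiveX left on."""
    findings = []
    for name, cmd in keys.get(RUN_KEY, {}).items():
        if "\\temp\\" in str(cmd).lower():
            findings.append(f"startup entry '{name}' runs from a Temp folder: {cmd}")
    home = keys.get(IE_MAIN, {}).get("Start Page")
    if home is not None and home != expected_home:
        findings.append(f"browser home page changed to {home}")
    if keys.get(INTERNET_ZONE, {}).get(ACTIVEX_RUN) != 3:
        findings.append("ActiveX not disabled for the Internet zone (1200 should be 3)")
    return findings
```

Run `audit(parse_reg(open("hkcu.reg", encoding="utf-16").read()), "https://your-home-page/")` against a real `reg export HKCU hkcu.reg` to triage a machine offline.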
